package cn.yuhan.simplediary.diary.controller;

import cn.yuhan.simplediary.diary.entity.Diary;
import cn.yuhan.simplediary.diary.service.DiaryService;
import cn.yuhan.simplediary.system.entity.User;
import cn.yuhan.simplediary.system.service.UserService;
import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * 日记相关接口
 */
@RestController
@RequestMapping("/diaries")
@RequiredArgsConstructor
public class DiaryController {

    private final DiaryService diaryService;
    private final UserService userService;

    /**
     * 获取当前用户的日记
     */
    @GetMapping
    public ResponseEntity<List<Diary>> getMyDiaries(Authentication authentication) {
        String username = authentication.getName();
        User user = userService.findByUsername(username);
        List<Diary> diaries = diaryService.getUserDiaries(user.getId());
        return ResponseEntity.ok(diaries);
    }

    /**
     * 普通用户新增日记
     */
    @PostMapping
    public ResponseEntity<String> addDiary(@RequestBody Diary diary, Authentication authentication) {
        String username = authentication.getName();
        User user = userService.findByUsername(username);
        diary.setUserId(user.getId());
        diaryService.createDiary(diary);
        return ResponseEntity.ok("日记添加成功");
    }

    /**
     * 普通用户编辑自己的日记
     */
    @PutMapping("/{id}")
    public ResponseEntity<String> updateDiary(@PathVariable Long id, @RequestBody Diary diary, Authentication authentication) {
        String username = authentication.getName();
        User user = userService.findByUsername(username);
        Diary existing = diaryService.getUserDiaries(user.getId())
                .stream()
                .filter(d -> d.getId().equals(id))
                .findFirst()
                .orElse(null);
        if (existing == null) {
            return ResponseEntity.status(403).body("无权限操作该日记");
        }
        diary.setId(id);
        diary.setUserId(user.getId());
        diaryService.updateDiary(diary);
        return ResponseEntity.ok("日记更新成功");
    }

    /**
     * 普通用户删除自己的日记
     */
    @DeleteMapping("/{id}")
    public ResponseEntity<String> deleteDiary(@PathVariable Long id, Authentication authentication) {
        String username = authentication.getName();
        User user = userService.findByUsername(username);
        Diary existing = diaryService.getUserDiaries(user.getId())
                .stream()
                .filter(d -> d.getId().equals(id))
                .findFirst()
                .orElse(null);
        if (existing == null) {
            return ResponseEntity.status(403).body("无权限操作该日记");
        }
        diaryService.deleteDiary(id);
        return ResponseEntity.ok("日记删除成功");
    }

    /**
     * 管理员查看所有日记
     */
    @GetMapping("/all")
    public ResponseEntity<List<Diary>> getAllDiaries(Authentication authentication) {
        // 这里示范简单角色校验，实际可用注解@PreAuthorize
        if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("ROLE_ADMIN"))) {
            return ResponseEntity.status(403).build();
        }
        List<Diary> allDiaries = diaryService.getAllDiaries();
        return ResponseEntity.ok(allDiaries);
    }

    /**
     * 管理员隐藏或显示某条日记
     */
    @PutMapping("/hide/{id}")
    public ResponseEntity<String> hideDiary(@PathVariable Long id, @RequestParam boolean hidden, Authentication authentication) {
        if (authentication.getAuthorities().stream().noneMatch(a -> a.getAuthority().equals("ROLE_ADMIN"))) {
            return ResponseEntity.status(403).build();
        }
        diaryService.hideDiary(id, hidden);
        return ResponseEntity.ok("操作成功");
    }
}